Elements Endpoint Protection Web traffic scanning (Advanced Network Protection) is blocking or slowing down HTTP connections to an internal server, URL or of an application

Issue:

When the Web traffic scanning (Advanced Network Protection) feature is enabled, some applications are unable to connect to an internal server and some website addresses (URLs) are inaccessible or some applications have connectivity or performance (slowness) issues
Java-based applications unable to connect to an internal server or there are connectivity issues.

Resolution:

If the Web Traffic Scanning feature is causing issues for an application that connects to an internal server, you can add the server address as trusted. This will exclude the network traffic from Web Traffic Scanning.

To confirm that the issue is caused by the Web Traffic Scanning feature, you can try disabling it from one device from the local settings:

Open the Elements Agent user interface
Click the Settings icon
Go to the Malware Protection tab
Disable Advanced Network Protection

Once you have disabled the feature, try to reproduce the issue.

The Advanced Network Protection feature is called Web Traffic Scanning in the Elements Endpoint Protection Portal profiles. You can either exclude an application completely using a SHA-1 exclusion, file path exclusion or excluding the server address to which the application is having issues connecting reliably.

Steps to create a SHA-1 application exclusion:

Log in to the Elements Portal: https://elements.withsecure.com
Go to the Security configurations > Profiles page
Select the profile you want to edit
Go to the Real-time scanning settings page
Add the application SHA-1 in the Applications excluded from Web traffic scanning list
Click Save and publish

Steps to create a file path exclusion:

Log in to the Elements Portal
Go to the Security configurations > Profiles page
Select the profile you want to edit
Go to the General settings page
Click Add exclusion in the Exclude folders and files from all security scans section
Enter the full path of the process (Example: C:\ExampleFolder\Example.exe)
Click Save and publish

Steps to exclude an address:

Log in to the Elements Portal
Go to the Security configurations > Profiles page
Select the profile you want to edit
Go to the Browsing protection settings
Enable Web site exceptions
Click Add site under Allowed sites and enter the server address or hostname
- Note: Http:// or https:// doesn't need to be included
Click Save and publish

Article no: 000024235